Go | New | Find | Notify | Tools | Reply | |
| Ignored facts still exist |
Add Crowdstrike to the growing list of companies run by morons. . | |||
|
Optimistic Cynic |
A quick Ducky search reveals some facts about this situation. The problem is, apparently, with a CrowdStrike product named "Falcon." Falcon is a daemon that is intended to detect and respond to threats against the system. My speculation is that the new revision got a little over-eager and detected a false positive system compromise, and responded by locking down the system resulting in a BSoD. In other words, it did what it was supposed to do, only too much so. Of course, it certainly is possible that all those affected systems actually did have some sort of malware already present on them, and were waiting for a bad actor to activate them en masse, potentially resulting in a much worse event. The real issue is the near uniformity of installed OS (Windows) and security software (Crowdstrike Falcon) in the business community. The impetus to install the "market leading" software results in a self-reinforcing situation where everybody becomes vulnerable to the same attack, greatly simplifying an attacker's job. System administrators responsible for significant assets would do well to learn from this situation and base their infrastructures going forward on non-mainstream systems, or at least have a backup system in place that works differently from the production system. | |||
|
Member |
Honest mistake? (doubtful) Incompetence? (possible) DEI? (probable) "Wrong does not cease to be wrong because the majority share in it." L.Tolstoy "A government is just a body of people, usually, notably, ungoverned." Shepherd Book | |||
|
thin skin can't win |
While Amazon is up, their customer support is not. I bit of a disruption in F1 practice earlier. Not the sponsor image you're hoping to be in circulation.....  You only have integrity once. - imprezaguy02 | |||
|
| bigger government = smaller citizen  |
This just happened to us a few months ago. Crowdstrike errantly identified a Windows system file as malicious and sent the Windows systems into bluescreen cycles and eventually, by design, into Bitlocker lockdown mode. The fact that heads didn’t roll when this happened a few months ago, leads me to believe that there should be a larger swath of firings this time around. This is (probably) not anything to get into a frenzy about, other than to hopefully wake people up to the lack of control we have when everything is SaaS-controlled due to the “cost savings” of running lean. Crowdstrike is just like every other garbage AV company in that they will happily take your money, while creating a shittier product over time. “The urge to save humanity is almost always only a false-face for the urge to rule it.”—H.L. Mencken | |||
|
| Member |
This reminds me of the time a video game that I played offered a new patch for download. Problem with it is that they were deleting their boot.ini file within the game files, unfortunately the code deleted the individual user Windows boot.ini file and when they restarted their pc........bricked. (Eve Online - 2007) https://www.eveonline.com/news...t-the-boot.ini-issue Of course the company downplayed the error.  <>< America, Land of the Free - because of the Brave | |||
|
| What is the soup du jour? |
Catastrophic where I am. Live update/cloud based software is the worst. | |||
|
| would not care to elaborate  |
my kid's flying around Europe for the next few days, hope she doesn't get caught up in it too much. | |||
|
Member |
Lesson 1: Don’t run business/mission critical systems on Windows. Lesson 2: Don’t connect critical infrastructure systems to the internet. Just in general, but not specifically an issue in this event. Update with the poison file (invalid format in this case) came through the official channel. Of course the current mantra in IT with Agile / DevSecOps is “Move fast and break things”. Also puts the whole thing about how software is eating the world into a different perspective. | |||
|
For real? |
It hit us at work sometime after midnight. 911 went down. Computers went down. I'm not the IT person but I kept getting calls. I was 550 miles away on vacation. I told them to call the IT people we pay monthly to fix it. Anyways, I get to work today at 9:30 after driving 6 hours and get to work to fix stuff (while I'm still on vacation till Monday) that the IT company couldn't, and I got written up for something that happened a week ago and suspect didn't even complain. Just a coworker who read a report and said I violated some taser policy which we don't have one. smh Not minority enough! | |||
|
| Peace through superior firepower  |
SIGforum is up. Namaste | |||
|
A Grateful American |
Good news. All nine the countries with nuclear weapons use CrowdStrike's Falcon EDR... "the meaning of life, is to give life meaning" ✡ Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב! | |||
|
Member |
Sounds about as secure as the secret service | |||
|
| Peace through superior firepower |
Class? | |||
|
Member |
Now imagine your pc is bricked and all of your money was tied up in the gov't CBDC! Or worse, your CBDC was bricked. Hedley Lamarr: Wait, wait, wait. I'm unarmed. Bart: Alright, we'll settle this like men, with our fists. Hedley Lamarr: Sorry, I just remembered . . . I am armed. | |||
|
| Savor the limelight |
Politics in an apolitical thread? | |||
|
| A Grateful American |
 "the meaning of life, is to give life meaning" ✡ Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב! | |||
|
| Peace through superior firepower |
Politics in an apolitical thread, yes, thank you. Now, as I was saying, my TV remote control is functioning properly. Microwave, too. I don't see the problem. | |||
|
Member |
 _____________________________________________ I may be a bad person, but at least I use my turn signal. | |||
|
| Peace through superior firepower |
Just tried my garage door. Goes up, goes down. Stops when I stop it. Starts when I start it. I don't see the problem | |||
|
| Powered by Social Strata | Page 1 2 3 4 5 6 |
 | Please Wait. Your request is being processed... |
|
© SIGforum 2024